In our upcoming Virtual Summit, CA and Samsung SDS Nexsign will explore biometric authentication technologies and standards, and demo some leading-edge use cases for biometric authentication. Learn more about how your business can build a next generation mobile app that integrates biometric authentication solutions to deliver a more secure and intuitive user experience. Register today.

Consumers demand compelling app experiences; business success demands that security is built into mobile solutions. In the past, these two aims have seemed to be in conflict. Building robust security into applications has typically resulted in slower development times and impacts on user experience. While consumers are becoming more discerning about mobile security, they are rarely willing to sacrifice ease-of-use for peace-of-mind.

Can performance and protection ever exist in harmony for mobile applications?

At CA, we say yes – and these solutions couldn’t come soon enough. Just look to recent massive, high-profile data breaches from companies like Yahoo and Equifax to see the importance of security in web and mobile transactions. If these breaches taught us one thing, it’s that traditional knowledge-based authentication methods such as passwords and security questions are insufficient in today’s mobile-first world.

Passwords fail. What other options exist?

Passwords fail because they are easily forgotten, easily compromised, easily re-used, and easily shared. Solutions like Single Sign-On and behavioral-based authentication have emerged to address some of these shortcomings while providing a more seamless user interaction. But consumers and businesses are demanding ‘passwordless’ experiences that can be easily standardized across platforms. The FIDO Alliance was created to empower secure authentication among devices and online services while maintaining ease of use, privacy and security, and standardization.

FIDO certification involves multi-factor authentication protocols such as Universal Second Factor (U2F) and Universal Authentication Framework (UAF) that prompt online services to seek a password plus an additional authentication mechanism from devices, such as a one-time password or a biometric. ‘What you know’ authentication is quickly being replaced by ‘what you have’ and even ‘who you are’ with the incorporation of biometrics such as fingerprint and iris scans, and voice and facial recognition. In my upcoming Virtual Summit session with Samsung SDSA, I’ll explore the technology and industry standards behind biometrics, and how pioneering businesses are taking advantage of biometric authentication in a number of compelling real-world examples.

How do APIs power next-gen authentication?

FIDO standards were built on the principles of APIs, or application programming interfaces, that reduce the workload for developers to build mobile apps that securely expose enterprise data and resources outside their organizations. APIs enable broader product and partner ecosystems, but the integration, management, and security of these APIs must be prioritized to extract the most value from mobile development investments.

As our Mobile API Gateway customers invest more in mobile as a key business driver, they are increasingly seeking the ability to integrate secure logins into their apps and provide advanced authentication beyond traditional passwords. Through our partnership with Samsung SDS Nexsign, CA Mobile API Gateway customers can integrate Nexsign’s enterprise-grade biometric solution into their mobile apps, and support FIDO-based authentication using biological information such as fingerprint, facial recognition, iris scan, or voice identification.

tags

Related posts

While enterprises often talk about API Strategy and API Design as one, they are not — and like the cart and the horse, one comes before the other.

We often hear API Strategy and API Design as a single topic — and while they are both an important component of the “Plan” phase in Full Lifecycle API Management, they are nonetheless two components that need to be considered separately. This blog explores the relationship between the two.

How can I get my organization to quickly adapt to changing customer expectations? How can we deliver a better customer experience than the competition? What can I do to disrupt, rather than be disrupted? These are all top questions we hear Line of Business executives and CTOs asking when digital transformation initiatives are top of […]

I caught up with CA World presenter, Onur Fenar, to hear how T5 Systems is expanding from a local market leader to a global leader in integration and middleware, through implementing API Management solutions from CA Technologies. Our conversation CO: Hi Onur! Thanks for taking the time to speak with me today. To start, can you give us a […]